RealOne Player and RealPlayer Might Run Arbitrary Code

A vulnerability in RealOne Player and RealPlayer can allow a remote intruder to run arbitrary code in the context of the currently logged on user. The vulnerability is due to incorrect parsing of images that are part of skins designed for the multiplayers. Critical vulnerabilities were also discovered in RealPlayer Enterprise, which were reported by unknown security searchers. RealNetworks released patches and updates to correct all of the reported problems.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish